<?php
	include 'dbconnection.php';
	$date = date('Y-m-d h:m:i');
	date_default_timezone_set('India/Kolkata');
	ini_set ("upload_tmp_dir", "/tmp"); 
	if(isset($_POST['Add'])) {
	if(!empty($_POST['sp_catalog_item_yesno']) || !empty($_POST['sp_master_client']) || !empty($_POST['sp_longitude']) || !empty($_POST['sp_latitude'])) {
	
	$imageName = rand().$_FILES['sp_photo']['name'];
						$date1 = date("Y-m-d", strtotime($_POST['sp_date_installed']));
						$date2 = date("Y-m-d", strtotime($_POST['sp_date_last_insp']));
						$date3 = date("Y-m-d", strtotime($_POST['sp_date_next_insp']));
					$insert = sprintf("INSERT INTO `Sign_Posts` (sp_catalog_item_yesno,
															   sp_master_client,
															   sp_longitude,
												 			   sp_latitude,
															   sp_date_installed,
															   sp_date_last_insp,
															   sp_date_next_insp,
															   sp_agency,
															   sp_district,
															   sp_standard,
															   sp_type,
															   sp_dimension1,
															   sp_dimension2,
															   sp_length,
															   sp_num_posts,
															   sp_material,
															   sp_mounting,
															   sp_breakaway,
															   sp_topper_type,
															   sp_condition,
															   sp_action_needed,
															   sp_street1,
															   sp_street2,
															   sp_street3,
															   sp_distance_intersection,
															   sp_distance_eop,
															   sp_custom1,
															   sp_custom2,
															   sp_custom3,
															   sp_yes_no1,
															   sp_yes_no2,
															   sp_yes_no3,
															   sp_photo,
															   sp_comments,
															   sp_status,
															   sp_cost) 
								VALUES ('%d','%d','%f','%f','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%d','%s','%s','%s','%s','%s','%s','%s','%s','%s','%d','%d','%s','%s','%s','%d','%d','%d','%s','%s','%s','%s')", 
										mysql_real_escape_string($_POST['sp_catalog_item_yesno']),
										mysql_real_escape_string($_POST['sp_master_client']),
										mysql_real_escape_string($_POST['sp_longitude']),
										mysql_real_escape_string($_POST['sp_latitude']),
										$date1,
										$date2,
										$date3,
										mysql_real_escape_string($_POST['sp_agency']),
										mysql_real_escape_string($_POST['sp_district']),
										mysql_real_escape_string($_POST['sp_standard']),
										mysql_real_escape_string($_POST['sp_type']),
										mysql_real_escape_string($_POST['sp_dimension1']),
										mysql_real_escape_string($_POST['sp_dimension2']),
										mysql_real_escape_string($_POST['sp_length']),
										mysql_real_escape_string($_POST['sp_num_posts']),
										mysql_real_escape_string($_POST['sp_material']),
										mysql_real_escape_string($_POST['sp_mounting']),
										mysql_real_escape_string($_POST['sp_breakaway']),
										mysql_real_escape_string($_POST['sp_topper_type']),
										mysql_real_escape_string($_POST['sp_condition']),
										mysql_real_escape_string($_POST['sp_action_needed']),
										mysql_real_escape_string($_POST['sp_street1']),
										mysql_real_escape_string($_POST['sp_street2']),
										mysql_real_escape_string($_POST['sp_street3']),
										mysql_real_escape_string($_POST['sp_distance_intersection']),
										mysql_real_escape_string($_POST['sp_distance_eop']),
										mysql_real_escape_string($_POST['sp_custom1']),
										mysql_real_escape_string($_POST['sp_custom2']),
										mysql_real_escape_string($_POST['sp_custom3']),
										mysql_real_escape_string($_POST['sp_yes_no1']),
										mysql_real_escape_string($_POST['sp_yes_no2']),
										mysql_real_escape_string($_POST['sp_yes_no3']),
										$imageName,
										mysql_real_escape_string($_POST['sp_comments']),
										mysql_real_escape_string($_POST['sp_status']),
										mysql_real_escape_string($_POST['sp_cost']));
				mysql_query($insert);
				
				$signPostId = mysql_insert_id();
				
				$insertPostActivity = sprintf("INSERT INTO `Post_Activity` (pa_post_id,
															   pa_datetime,
															   pa_activity) 
								VALUES ('%d','%s','%s')", 
										$signPostId,
										$date,
										mysql_real_escape_string($_POST['pa_activity']));
				mysql_query($insertPostActivity);
				
				move_uploaded_file($_FILES['sp_photo']['tmp_name'],'photo/'.$imageName);
				
				/*header('Location:messageDisp.php?msg=1&action=signPostMsg');exit;*/
				header('Location:signPostManager.php?id='.$signPostId.'&action=edit&msg=3');exit;
	} // main if ends here
	else  {
		header('Location:signPostManager.php?msg=2&action=add');exit;
	}	
  }
  
  ////////////////////////////////EDIT ACTIONS//////////////////////////////////////
  
  elseif(isset($_POST['Edit'])) {
	if(!empty($_POST['sp_catalog_item_yesno']) || !empty($_POST['sp_master_client']) || !empty($_POST['sp_longitude']) || !empty($_POST['sp_latitude'])) {
	
						//echo date('Y-m-d',strtotime($_POST['sp_date_installed']));exit;					
						
						$date1 = date("Y-m-d", strtotime($_POST['sp_date_installed']));
						$date2 = date("Y-m-d", strtotime($_POST['sp_date_last_insp']));
						$date3 = date("Y-m-d", strtotime($_POST['sp_date_next_insp']));
					 $update = sprintf("UPDATE `Sign_Posts` 
						 									    SET `sp_catalog_item_yesno` = '%d',
															     `sp_master_client` = '%d',
															     `sp_longitude` = '%f',
															     `sp_latitude` = '%f',
																 `sp_date_installed` = '%s',
																 `sp_date_last_insp` = '%s',
																 `sp_date_next_insp` = '%s',
																 `sp_agency` = '%s',
																 `sp_district` = '%s',
																 `sp_standard` = '%s',
																 `sp_type` = '%s',
																 `sp_dimension1` = '%s',
																 `sp_dimension2` = '%s',
																 `sp_length` = '%s',
																 `sp_num_posts` = '%d',
																 `sp_material` = '%s',
																 `sp_mounting` = '%s',
																 `sp_breakaway` = '%s',
																 `sp_topper_type` = '%s',
																 `sp_condition` = '%s',
																 `sp_action_needed` = '%s',
																 `sp_street1` = '%s',
																 `sp_street2` = '%s',
																 `sp_street3` = '%s',
																 `sp_distance_intersection` = '%d',
																 `sp_distance_eop` = '%d',
																 `sp_custom1` = '%s',
																 `sp_custom2` = '%s',
																 `sp_custom3` = '%s',
																 `sp_yes_no1` = '%d',
																 `sp_yes_no2` = '%d',
																 `sp_yes_no3` = '%d',
																 `sp_comments` = '%s',
																 `sp_status` = '%s',
																 `sp_cost` = '%s'
																WHERE  `sp_id`   = '%d'", 
										mysql_real_escape_string($_POST['sp_catalog_item_yesno']),
										mysql_real_escape_string($_POST['sp_master_client']),
										mysql_real_escape_string($_POST['sp_longitude']),
										mysql_real_escape_string($_POST['sp_latitude']),
										$date1,
										$date2,
										$date3,
										mysql_real_escape_string($_POST['sp_agency']),
										mysql_real_escape_string($_POST['sp_district']),
										mysql_real_escape_string($_POST['sp_standard']),
										mysql_real_escape_string($_POST['sp_type']),
										mysql_real_escape_string($_POST['sp_dimension1']),
										mysql_real_escape_string($_POST['sp_dimension2']),
										mysql_real_escape_string($_POST['sp_length']),
										mysql_real_escape_string($_POST['sp_num_posts']),
										mysql_real_escape_string($_POST['sp_material']),
										mysql_real_escape_string($_POST['sp_mounting']),
										mysql_real_escape_string($_POST['sp_breakaway']),
										mysql_real_escape_string($_POST['sp_topper_type']),
										mysql_real_escape_string($_POST['sp_condition']),
										mysql_real_escape_string($_POST['sp_action_needed']),
										mysql_real_escape_string($_POST['sp_street1']),
										mysql_real_escape_string($_POST['sp_street2']),
										mysql_real_escape_string($_POST['sp_street3']),
										mysql_real_escape_string($_POST['sp_distance_intersection']),
										mysql_real_escape_string($_POST['sp_distance_eop']),
										mysql_real_escape_string($_POST['sp_custom1']),
										mysql_real_escape_string($_POST['sp_custom2']),
										mysql_real_escape_string($_POST['sp_custom3']),
										mysql_real_escape_string($_POST['sp_yes_no1']),
										mysql_real_escape_string($_POST['sp_yes_no2']),
										mysql_real_escape_string($_POST['sp_yes_no3']),
										mysql_real_escape_string($_POST['sp_comments']),
										mysql_real_escape_string($_POST['sp_status']),
										mysql_real_escape_string($_POST['sp_cost']),
										mysql_real_escape_string($_POST['sp_id']));
										
										mysql_query($update);
										
						$updatePostActivity = sprintf("UPDATE `Post_Activity` 
															   SET    `pa_activity`  = '%s'
															   WHERE  `pa_post_id`   = '%d'",
													   mysql_real_escape_string($_POST['pa_activity']),
													   mysql_real_escape_string($_POST['sp_id']));
						mysql_query($updatePostActivity);
						
				$imageName = rand().$_FILES['sp_photo']['name'];
				if(!empty($_FILES['sp_photo']['name'])) {
				$query = "UPDATE `Sign_Posts` SET `sp_photo` = '$imageName' WHERE `sp_id` = '".$_POST['sp_id']."'";
						mysql_query($query);
						move_uploaded_file($_FILES['sp_photo']['tmp_name'],'photo/'.$imageName);
					
				}
			
																															
					header('Location:messageDisp.php?msg=2&action=signPostMsg&id='.$_POST['sp_id'].'');exit;
					
	}
}
	
	
  ////////////////////////////CODE TO DELETE/////////////////////////// 	
  elseif($_REQUEST['action'] == "delete") {
	$deleteQry  = "DELETE FROM `Sign_Posts` WHERE `sp_id`='".$_REQUEST['id']."'"; 
	$qryExe = mysql_query($deleteQry);
	
	header('location:signPostList.php?msg=del');exit;
  }
  
    ////////////////////////////CODE TO STATUS////////////////////////// 	
  elseif($_REQUEST['action'] == "status") {
 	 if($_REQUEST['curStatus'] == '0') {
		$query = "UPDATE `sign_posts` SET `operatorStatus`= '1' WHERE `operatorId` = '".$_REQUEST['id']."'";
		$result = mysql_query($query);
		header("Location:messageDisp.php?action=op&msg=3");exit;
	}
	if($_REQUEST['curStatus'] == '1') {
		$query = "UPDATE `sign_posts` SET `operatorStatus`= '0' WHERE `operatorId` = '".$_REQUEST['id']."'";
		$result = mysql_query($query);
		header("Location:messageDisp.php?action=op&msg=4");exit;
	}
  }
  
  ///////////////////////////////////////////RESET PASSS//////////////////////////////////////
  elseif(isset($_POST['changePassword'])) {
		if(!empty($_POST['newPassword']) && !empty($_POST['newCPassword'])) {
			if($_POST['newCPassword'] != $_POST['newPassword']) {
			header("Location:signPostManager.php?id=".$_POST['operatorId']."&msg=1&action=chPass");exit;
			}
		
			 $encryptNewPassword = md5($_POST['newCPassword']);
			 $update = sprintf("UPDATE `sign_posts` 
															   SET    `operatorpassword`  = '%s'
															   WHERE  `operatorId`   = '%d'",
													   mysql_real_escape_string($encryptNewPassword), 
													   mysql_real_escape_string($_POST['operatorId']));
						mysql_query($update);
				header('Location:messageDisp.php?action=op&msg=6');exit;
		} else {
		header("Location:signPostManager.php?id=".$_POST['operatorId']."&msg=2&action=chPass");exit;
		}
	}
?>
